Added more security flags to prevent XSS attack from cookie.

2025-08-03 09:45:03 +02:00 · 2024-10-09 15:56:47 +01:00 · 2024-10-09 15:56:47 +01:00 · 96365eef2a
commit 96365eef2a
parent c08c069479
4 changed files with 45 additions and 1 deletions
--- a/system/controllers/admin.php
+++ b/system/controllers/admin.php
@ -5,6 +5,10 @@
 *  by https://t.me/ibnux
 **/

+ header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
+ header("Expires: Tue, 01 Jan 2000 00:00:00 GMT");
+ header("Pragma: no-cache");
+
 if(Admin::getID()){
    r2(U.'dashboard', "s", Lang::T("You are already logged in"));
 }